PhishMeNot FormAdvisor

I would like to get some feedback on software that I worked on for "preventing" Phishing attacks. It's called "PhishMeNot FormAdvisor" and is available at http://www.phishmenot.com/.

Basically, the idea is to show relevant information (about where your personal information is going when you enter it on a website) where it matters and where it's hard to miss, in a non-intrusive way. The information is presented in a very layman format in the hope that it might make an unsuspecting user aware of any fraud or the fact that the personal information is not going over https.

Seems like it's a very simple and clear way of alerting people, which is exactly what's required.

Is it 100% guaranteed to work as a cross reference against ALL www's, or ? And how does it work ?

Not everybody has the browsers or versions you list. E.g., I use IE6 + FF v3.0.13, so would it be possible to include these as well? If so you will enable a lot more people out there in www land to be better informed, and hopefully protected too.

Your www lists -

PhishMeNot FormAdvisor runs on Windows XP, Vista, and 7. The following browsers are supported:

I am currently working on a Firefox version. It's just that there is not much Firefox addon documentation based on XPCOM out there. I have to read a bit of Firefox source to get things done.

As far as IE is concerned, PhishMeNot FormAdvisor actually could work on IE versions starting with 6.0. In IE 8.0, it's much easier to show the name of the organization for secured sites instead of the domain name, which is easier to understand for many (e.g., Citibank versus accountonline.com). I was hoping that people out there would upgrade to the latest and greatest when it comes to browsers, so having IE8 as a requirement would not be a problem. I might be wrong. It does look like IE6 and IE7 are still quite in use (http://en.wikipedia.org/wiki/Internet_Explorer_8). I will add the support for IE6 and IE7 back.

Is it 100% guaranteed to work as a cross reference against ALL www's, or ? And how does it work ?

The approach to what it shows is very simplistic in this initial version. Basically, you get to see the following:

- Domain name or the name of the company where information will be submitted. It actually, in most cases, can figure out the submit url even if the url changes dynamically when you click "submit" (or whatever the name of the button that submits the form). This dynamic discovery is turned off by default if you're on a secure site already.

- Green shield: You are on a secure site or information is submitted to a secure site. e.g., green on secure site, green on unsecure site but the form is submitted to a secure site.

- Red shield: Information is submitted to an insecure site.

- Orange shield: For some reason, it cannot determine the url where data will be submitted.

There are two aspects that PhishMeNot FormAdvisor attempts to address:

- To show the information where it matters in a non-intrusive way
- To show relevant information in layman's language

It's not a protection against Phishing, rather a possible prevention.

If anyone wants to test it out on real phishing sites, I would suggest installing the software and trying out phishtank.com *** but be careful.
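The shield rules listed in the post above, sketched as an added example that is not part of the original post and is not PhishMeNot FormAdvisor's code. `classifyForm`, `demo` and the sample URLs are hypothetical, and the sketch assumes the submit destination alone decides the colour.

```javascript
// Added illustration: map a form's submit destination to the shield colours
// described in the post. All names and sample URLs are constructed.
function classifyForm(pageUrl, actionAttr, baseHref) {
  let target;
  try {
    // Relative actions resolve against <base href> if present, else the page URL.
    const base = new URL(baseHref || pageUrl, pageUrl);
    // A missing or empty action submits back to the document's own URL.
    const action = (actionAttr || "").trim();
    target = action === "" ? new URL(pageUrl) : new URL(action, base);
  } catch (e) {
    // Unparsable page or action URL: destination cannot be determined.
    return { shield: "orange", host: null };
  }
  if (target.protocol === "https:") return { shield: "green", host: target.hostname };
  if (target.protocol === "http:") return { shield: "red", host: target.hostname };
  // javascript:, data:, mailto: and similar: a script decides the destination,
  // or it is not a web site at all.
  return { shield: "orange", host: null };
}

// Constructed sample forms: [page URL, action attribute, optional <base href>].
function demo() {
  const forms = [
    ["https://bank.example.test/login", "/auth.php"],
    ["http://shop.example.test/", "https://pay.example.test/checkout"],
    ["http://forum.example.test/index.php", ""],
    ["http://shop.example.test/", "//cdn.example.test/collect"],
    ["http://forum.example.test/", "javascript:doSubmit()"],
    ["http://forum.example.test/", "login", "https://sso.example.test/app/"],
  ];
  return forms.map(([page, action, base]) => classifyForm(page, action, base));
}

for (const r of demo()) console.log(r.shield, r.host);
```

The protocol-relative action in the fourth sample inherits `http:` from the page, so it is flagged red even though no scheme is written in the markup.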

phishmenot, after offline evaluation of the Web site, I have placed the domain name back on your original post, without a link to it. However, may I remind all members that they should avoid navigating to the reported sites listed there, since the content of those secondary locations is questionable at best, and potentially malicious.

I installed it today with no problems on IE6, then visited several naughty www's listed on PhishTank.

As soon as I started entering the first character PhishMeNot jumped in with an alert. Here's just one example -

So far so good ! Now if I backspaced the character/s and entered again, I received NO alert ? Also when entering in other fields I didn't always get alerted, only on some ?

I appreciate that continuing to proceed after the first alert if someone was doing it for real would be foolish. Would it be possible though for PhishMeNot to alert on every input, or do you think it's overkill ? If it could be done without too much extra coding, and/or without impairing a browser's performance, then that would be very worthwhile I believe.

Anyway, so far it gets a big thumbs up from me, as I'm sure most people out there in www land would Really benefit from this.

Thanks, StevieO for trying it out. I am glad that your first impression was not bad.

Currently, it selectively highlights the fields (with a shield) that may be of high importance. Highlighting all the fields seems like a lot. But it could be just a user setting and by default it does what it does now.

Also, as you noticed, it is very conservative in terms of how often it alerts, but again it could be a user setting to alert on all input. I don't think it will impair performance at all.

You are helping in exactly the way I thought I would get from the community. Once I have enough feedback, it would be easier to change the default behavior.

I will include a UI in the next update so a user can change some of the default behavior.

I downloaded a copy and tried it out. I like the idea of it, but it tells me it is unsafe to enter my personal information in the logon boxes on this site (Wilders). That doesn't stop me from logging on here, but for the individuals that would most need this program I think it would only confuse them. I assume it is doing this because it is not an SSL logon, but if that is the case I think the little balloon needs more info other than "It's not safe to enter your personal information here." I do think this program has a lot of potential though.